This section is intended to introduce the reader to various aspects of art, which may be related to various aspects of the present invention that are described and/or claimed below. This discussion is believed to be helpful in providing the reader with background information to facilitate a better understanding of the various aspects of the present invention. Accordingly, it should be understood that these statements are to be read in this light, and not as admissions of prior art.
An important security problem with computer networks is that humans are involved. Administrating such a network requires specific knowledge, which the average user rarely has. For this reason, a user faced with complicated user interfaces often opts for the lowest level of security, sometimes even removing it completely. It can thus clearly be appreciated that there is a need for an easy way to facilitate the task for the user as much as possible, while keeping security at an acceptable level, especially in wireless networks that by nature are easy to eavesdrop and use information transmitted in such a network for purposes it was not intended for, such as hacking.
Many existing solutions require the user to have access to both of the devices he or she wishes to associate. The user may for example instruct each device to associate only with the other device. For example, European patent application EP 1411674 A1 presents a solution where a central point, at the simple click of a button, restricts the coverage of the radio waves it transmits. Then the user activates a function on a device within the reduced coverage area to insert it into the network of the central point. A disadvantage with this solution is that it is rather vulnerable to various kinds of attacks, such as for example the well-known man-in-the-middle attack. The person skilled in the art will also appreciate that it is not always possible for the user to access both devices, such as if the central point is not physically attainable.
Other solutions require the user to know a secret of the device to be associated with, such as an identity of the device or a secret network key. As such knowledge is often difficult to remember—particularly if the association is not often performed as is normally the case, especially in home networks—then the user may be tempted to leave security holes in the system. Such security holes may appear if the user writes the information down, chooses a very simple network key, or simply leaves the key delivered with the device, which may mean that the network key is ‘0’ and thus offers practically no protection whatsoever.
The present invention attempts to remedy at least some of the concerns connected with the prior art, while enabling a user to create a secure community of devices that may be equipped with simple user interfaces and where at least some of the devices may not be physically attainable.